Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
Suggested Additional Assignments
Field Work: Cookies and Internet Functionality
Have students block their web browsers from accepting cookies and record how it changes their online
experience. (Since people usually find that blocking cookies substantially diminishes the quality of their
Internet time, tell them to write down their cookie settings before changing them and the steps they took
to block cookies, so they can reverse the instructions when they have had enough of this experiment.)
Firefox users can change their cookie settings via these menu choices: Select Tools/Options/Privacy,
uncheck the box labeled “Allow sites to set cookies,” then exit by clicking “OK.” Internet Explorer users
should select these menu choices: Tools/Internet Options/Privacy; click on the “Advanced” button; on
the following screen check the box labeled “Override automatic cookie handling,” choose “Block” under
both First-party cookies and Third-party cookies, then exit by clicking “OK.”
Research: Online Safety
Ask students what steps they take to protect both their privacy online and the security of their computer.
They should consider options such as: providing incorrect personal information; software-based
protections (e.g., the Windows Security Center or Zone Alarm); hardware-based protections (e.g., cable
modems or routers utilizing Network Address Translation and firewalls); and Internet-based protections
(e.g., anonymous remailers).
Research: Electronic Privacy
Shortly before the class on cyberlaw, visit the Websites http://www.privacy.org or http://www.epic.org and
assign one or two of the articles for class discussion.
Field Work: Spam
Ask students to count how many spam messages they receive in a week. If students have more than one
email account, ask them to track which account receives more spam. Are some ISPs better than others at
blocking spam? Have students noticed any decrease in the amount of spam they receive since passage of
the CAN-SPAM Act in 2003? Have they noticed any change in the nature of the spam they receive?
Field Work: Phishing
Phishing is a fast-growing crime that involves sending fraudulent emails directing the recipient to enter
personal information on a Website that is an illegal imitation of a legitimate site. Ask students to print out
a phishing email they have received. (Many such messages purportedly come from eBay, PayPal and
Chase.) How obvious is it that the message is illegitimate?
Chapter Overview
Chapter Theme
Computers are one of the greatest technological advances of modern times. Computers and the Internet
—cyberspace—together comprise one of the great technological developments of modern times.
They have changed the way we learn, conduct business, seek entertainment, make friends, enjoy our
families, and generally lead our lives. The law in this area is so young and unformed that oftentimes we
must ask not only, “What is the law?” but also, “What should the law be?”
Quote of the Day
The moving finger writes; and, having writ
Moves on: nor all thy piety nor wit
Shall lure it back to cancel half a line.
Nor all thy tears wash out a word of it. —Omar Khayyam (1050-1123) Persian poet, astronomer & mathematician
Regulation of the Internet
Net Neutrality
Internet service providers (ISPs) are companies like Verizon and Comcast that connect
customers to the Internet. Some customers require more bandwidth than others: It takes much
more capacity to watch movies and TV shows than to shop for clothing or download books or
photos. ISPs would like to have the option of treating high-capacity users differently—either
charging them more or slowing their access to the Internet.
This issue is subject to regulation by the Federal Communications Commission (FCC)
because the Telecommunications Act of 1996 grants the agency the right to regulate broadband
infrastructure. The FCC has adopted a policy of net neutrality: the principle that all information
flows on the Internet must receive equal treatment. Net neutrality is highly controversial. Both
those in favor and those opposed argue the same thing: that if their side wins, consumers and
innovation will benefit. ISPs also argue that they should be able to control Internet traffic
because some websites, like those that deliver telemedicine or emergency services, deserve
priority access.
The following case confronts this issue: Can the FCC require net neutrality? Or do ISPs
have the right to favor some users over others?
Research: Online Safety
Ask students who completed this assignment to list their responses. Prepare a chart to keep track of how
many students use each type of protection (informal, software-based, hardware-based, Internet-based, and
other), and how many students use nothing except what has been provided by default on their computer or
network. Have they had problems with invasions of privacy or damage to their computers?
Research: Electronic Privacy
This would be a good time to discuss articles from http://www.privacy.org or http://www.epic.org.
Case: Verizon v. Federal Communications Commission1
Facts: In setting rules for Internet infrastructure, the FCC ruled that broadband ISPs are not common
carriers and, therefore, not subject to rules that require equal treatment for all their customers. However,
the Commission later became concerned that ISPs might disrupt the neutral flow of information on the
Internet. It worried that an ISP like Comcast might, for example, limit access to the USA Today website if
it wanted to spike traffic to its own news website, or it might degrade the quality of the connection to
Bing if a competitor such as Google paid for prioritized access.
To prevent such behavior, the FCC issued the Open Internet Order, which prohibited broadband ISPs
from (1) blocking lawful content and services and (2) giving preferential treatment to some Internet
content or traffic. But Verizon objected, arguing that (1) the Order would not safeguard the Internet and
(2) the rules unfairly treated broadband ISPs as common carriers, even though the FCC had ruled that
they were not.
Issue: Could the FCC impose net neutrality rules on broadband ISPs?
Excerpts from Judge Tatel’s Decision: The Commission has reasonably interpreted [the
Telecommunications Act] to empower it to promulgate rules governing broadband providers' treatment of
Internet traffic, and its justification for the specific rules at issue here—that they will preserve and
facilitate the "virtuous circle" of innovation that has driven the explosive growth of the Internet—is
reasonable and supported by substantial evidence.
1 740 F.3d 623 United States Court of Appeals for the District of Columbia Circuit, 2014.
That said, even though the Commission has general authority to regulate in this arena, it may not impose
requirements that contravene express statutory mandates. Given that the Commission has chosen to
classify broadband providers in a manner that exempts them from treatment as common carriers, the
Communications Act expressly prohibits the Commission from nonetheless regulating them as
such. Because the Commission has failed to establish that the anti-discrimination and anti-blocking rules
do not impose common carrier obligations, we vacate the Open Internet Order.
Question: What is net neutrality?
Question: What are ISPs?
Regulation of User-Generated Content
The First Amendment
The First Amendment to the Constitution protects free speech, and that includes Internet postings, no
matter how bad, that have appeared on Internet message boards and blogs. As upsetting as they may be,
they are protected as free speech under the First Amendment so long as the poster is not violating some
other law. In the case below, the plaintiffs argued that the statements were defamatory but the courts
disagreed, ruling that they were simply opinions.
You Be The Judge: Juzwiak v. John/Jane Doe2
Facts: Juzwiak was a tenured teacher at Hightstown High School in New Jersey. He received three emails
from someone who signed himself “Josh,” with the address, “Josh Hartnett <jharthat@yahoo.com >“. The
teacher did not know anyone of that name. These emails said:
1. Subject line: “Hopefully you will be gone permanently” Text: “We are all praying for that.
Josh”
2. Subject line: “I hear Friday is ‘D’ day for you”
Text: “I certainly hope so. You don’t deserve to be allowed to teach anymore. Not just in Hightstown but
anywhere. If Hightstown bids you farewell I will make it my lifes (sic) work to ensure that wherever you
look for work they know what you have done.”
3. Subject line: “Mr. Juzwiak in the Hightstown/East Windsor School System.”
Text: It has been brought to my attention and I am sure many of you know that Mr. J is reapplying for his
position as a teacher in this town. It has further been pointed out that certain people are soliciting
supporters for him. This is tantamount to supporting the devil himself. I am not asking anyone to speak
out against Mr. J but I urge you to then be silent as we cannot continue to allow the children of this school
system nor the parents to be subjected to his evil ways. Thank you. Josh
It seems that this third email was sent to other people, but it was not clear to whom.
Because Juzwiak did not know who “Josh” was, he filed a complaint against John/Jane Doe, seeking
damages for intentional infliction of emotional distress. As part of the lawsuit, he served a subpoena on
Yahoo!, asking it to reveal “Josh’s” identity. When Yahoo! notified “Josh” of the lawsuit, he asked the
court to quash the subpoena.
In a court hearing, Juzwiak testified that the threatening emails had severely disrupted his life, causing
deep anger and depression as well as insomnia that had impaired his ability to concentrate and function
effectively. In addition, this emotional stress had exacerbated his back problems and caused him to lose
twenty pounds. Although he had already been taking anti-depressants, a psychiatrist prescribed four
2 415 N.J. Super. 442; 2 A.3d 428; 2010 N.J. Super. LEXIS 154, SUPERIOR COURT OF NEW JERSEY, APPELLATE
DIVISION, 2010.
additional drugs for depression, anxiety and insomnia, which were not effective in reducing his
symptoms. Juzwiak also stated that he had thoughts of hurting himself and the entire episode had
consumed his life for several months.
When the trial court refused to issue the subpoena against Yahoo!, Juzwiak appealed.
You Be the Judge: Should the trial court have issued the subpoena? Which interest is more important:
“Josh’s” first amendment right to free speech or Juzwiak’s protection from harassing emails?
Argument for “Josh”: Free speech is the first, and most important, right in the Bill of Rights. To ensure
a vibrant marketplace of ideas, the First Amendment protects not only open but also anonymous speech.
Sometimes speakers must be allowed to withhold their identities to protect themselves from harassment
and persecution.
Nothing in these messages was a realistic threat to the teacher’s safety. “Hopefully you will be gone
permanently” could easily mean “Hope you will move out of town.” Juzwiak reported these emails to the
police, but they took no action. Presumably they would have done so if there had been any real threat.
Nor did these emails constitute an intentional infliction of emotional distress. They were not so extreme
and outrageous as to be utterly intolerable in a civilized community. “Josh” did not accuse Juzwiak of
vile or criminal acts. The language was not obscene or profane. In short, if Juzwiak is going to teach high
school, he needs to develop a thicker skin and a better sense of humor.
Argument for Juzwiak: The right to speak anonymously is not absolute. “Josh” requires protection from
harassment? That is an absurd argument.
These emails contained death threats: “Hopefully you will be gone permanently” and “I hear Friday is ‘D’
day for you.” Juzwiak was frightened enough to go to the police. He suffered serious physical and
emotional harm. These emails are not entitled to the protection of the First Amendment.
Furthermore, the emails constituted intentional infliction of emotional distress. They were extreme
and outrageous conduct designed to cause harm. They achieved their goal.
In balancing the rights in this case, why would the court protect “Josh”, who has set out to cause
harm, over the innocent teacher?
Holding: The New Jersey appellate court held that a plaintiff who fails to make out a claim of
intentional infliction of emotional distress based on anonymous, offensive e-mails can’t compel the
sender’s Internet service provider to reveal his or her identity.
Question: Did Juzwiak prove his claim for intentional infliction of emotional distress?
Answer: No; Juzwiak did not prove that the defendant’s conduct was so extreme and outrageous nor
that the conduct caused distress so severe that no reasonable man could be expected to endure it.
The Fourth Amendment
The Fourth Amendment to the Constitution prohibits unreasonable searches and seizures by the
government.
The Communication Decency Act if 1996
Under the CDA, end users and anyone who simply provides a neutral forum for information (such as ISPs
and website operators) are not liable for content that is provided by someone else. Only content providers
are liable
Case: Carafano v. Metrosplash.com, Inc.3
Facts: Christianne Carafano is a film actor under the stage name Chase Masterson. Someone posted a
profile of her on the Matchmaker.com Internet dating service. This phony profile stated that Carafano
3 339 F.3d 1119; 2003 U.S. App. LEXIS 16548 United States Court of Appeals for the Ninth Circuit,
2003
was “[l]ooking for a one-night stand” and for a “hard and dominant” man with “a strong sexual appetite,”
and that she “liked sort of being controlled by a man, in and out of bed.” The profile also provided her
home address and an email address, which, when contacted, produced an automatic email reply stating,
“You think you are the right one? Proof it!!” [sic], and providing Carafano’s home address and telephone
number.
Unaware of this posting, Carafano began receiving sexually explicit and harassing phone calls, faxes,
and email messages. Feeling unsafe, Carafano and her son moved out of their Los Angeles home. When
Carafano’s assistant learned of the false posting she contacted Matchmaker.com, demanding its removal.
It took Matchmaker.com two days to remove the phony profile.
Carafano sued Matchmaker for invasion of privacy, misappropriation of the right of publicity,
defamation, and negligence. The district court rejected Matchmaker’s argument for immunity under the
CDA on the grounds that the company provided part of the profile content.
Issue: Does the CDA protect Matchmaker from liability?
Excerpts from Judge Thomas’s Decision: Through [the CDA], Congress granted most Internet services
immunity from liability for publishing false or defamatory material so long as the information was
provided by another party. As a result, Internet publishers are treated differently from corresponding
publishers in print, television, and radio. Congress enacted this provision for two basic policy reasons: to
promote the free exchange of information and ideas over the Internet and to encourage voluntary
monitoring for offensive or obscene material.
Interactive computer services have millions of users. It would be impossible for service providers to
screen each of their millions of postings for possible problems. Faced with potential liability for each
message republished by their services, interactive computer service providers might choose to severely
restrict the number and type of messages posted. Congress considered the weight of the speech interests
implicated and chose to immunize service providers to avoid any such restrictive effect. Under [the
CDA], therefore, so long as a third party willingly provides the essential published content, the interactive
service provider receives full immunity regardless of the specific editing or selection process.
The fact that some of the content [in Carafano’s fake profile] was formulated in response to
Matchmaker’s questionnaire does not [make Matchmaker liable]. Doubtless, the questionnaire facilitated
the expression of information by individual users. However, the selection of the content was left
exclusively to the user. Matchmaker cannot be considered an “information content provider” under the
statute because no profile has any content until a user actively creates it.
Further, even assuming Matchmaker could be considered an information content provider, the statute
would still bar Carafano’s claims unless Matchmaker created or developed the particular information at
issue. In this case, critical information about Carafano’s home address and the e-mail address that
revealed her phone number were transmitted unaltered to profile viewers. Thus Matchmaker did not play
a significant role in creating, developing, or “transforming” the relevant information.
Thus, despite the serious and utterly deplorable consequences that occurred in this case, we conclude
that Congress intended that service providers such as Matchmaker be afforded immunity from suit.
.
Question: What role did Matchmaker play in developing the content that was posted as a profile of
Carafano?
Question: Was Matchmaker a content provider?
Question: Is Matchmaker liable?
Question: Why did Congress make ISPs immune from liability for material posted online by others
under the Communications Decency Act?
Answer: To promote the free exchange of information and ideas over the Internet and because it
Question: Can Carafano recover damages from anyone?
Question: A great deal of harm can be done very quickly on the Internet. Did Congress make the
right policy decision when it passed the CDA?
Consumer Protection
The FTC Act
Section 5 of the FTC Act prohibits unfair and deceptive acts or practices. The FTC applies this statute to
online privacy policies. It does not require websites to have a privacy policy, but if they do have one, they
must comply with it, and it cannot be deceptive.
Spam
Spam is officially known as unsolicited commercial email (UCE) or unsolicited bulk email (UBE).
The Controlling the Assault of Non-Solicited Pornography and Marketing Act
(CAN-SPAM) is a federal statute that regulates spam, but does not prohibit it.
Additional Case: You Be The Judge: United States of America v.
Cyberheat, Inc.4
Facts: Cyberheat, Inc., ran sexually explicit websites for consenting adults. It hired other companies,
called affiliates, to drive potential subscribers to its sites. The affiliates were paid a fee for each
subscriber they generated. The contract that Cyberheat signed with its affiliates explicitly prohibited them
from violating the CAN-SPAM Act. It also discouraged email promotions. However, Cyberheat did not
investigate its affiliates, nor did it actively monitor their compliance. Cyberheat provided affiliates with a
hyperlink to use in emails that would link them directly to the sexually explicit site being advertised.
The FTC alleged that ten Cyberheat affiliates violated CAN-SPAM by sending 642 unwelcome,
sexually explicit spam emails for which they were paid $209,120 in commissions. In some cases the
pornographic emails had fake subject lines, when in fact the email contained pornographic images.
Cyberheat received about 400 complaints, which it ignored or handled belatedly. Oftentimes the
affiliate was allowed to continue for more than one year or was never terminated.
The Justice Department filed suit seeking civil penalties of up to $11,000 for each violation and an
injunction to prohibit further violations. Both the FTC and Cyberheat filed motions for summary
judgment.
You be the Judge: Did Cyberheat violate the CAN-SPAM Act?
Holding: Possibly, the case must go to trial. According to the court, the CAN-SPAM Act was not
enacted in a vacuum. The purpose of the Act is to protect those who do not want to view sexually explicit
material.
Anyone who supplies this pornographic material should be held to a high standard – they must be
responsible for ensuring that it is not sent to innocent and unwilling recipients. Cyberheat could have
foreseen that when it supplied pornographic materials to its affiliates, violations of the Act would result. It
might not be fair to hold Cyberheat responsible for an accidental or mistaken violation, immediately
attended to and corrected. But that is not what happened here – Cyberheat kept paying any number of
violators. It cannot insulate itself from any liability for the actions of the affiliates on its ultimate behalf
4 2007 U.S. Dist. LEXIS 15448, United States District Court for the District of Arizona, 2007.
and for its financial benefit purely by putting on blinders. It has a duty that it can only delegate at its own
peril.
Question: Did Cyberheat know its affiliates were sending sexually explicit emails?
Answer: There was no evidence that Cyberheat actually knew that its affiliates were sending sexually
Question: But, Cyberheat told its affiliates specifically not to violate the Act and discouraged them from
using email. How can Cyberheat, then, be responsible for its affiliates violations?
Answer: According to the court, the purpose of the Act is to protect those who do not want to view
sexually explicit material. As a supplier of sexually explicit material, Cyberheat has a duty to ensure the
Field Work: Spam
Students who completed this assignment should report their findings now. Chart the answers to these
questions on the board:
What is the average amount of spam students receive in one week?
Who received the most spam in one week?
Who received the least?
Did the person who received the least take special measures to cut down on spam?
Have they noticed any decrease in the amount of spam they receive since passage of the
CAN-SPAM Act in 2003?
Have they noticed any change in the nature of the spam messages they receive?
Privacy in a Digital World
How We Lose Our Privacy Online
Sometimes we voluntarily give up our privacy without considering the consequences; in other cases, it is
taken from us without our knowledge. Some of the ways our privacy may be violated or taken advantage
of include:
Social Media sites
Data mining and behavioral marketing
Workplace privacy
Regulation of Online Privacy
The most important laws and regulations that protect online privacy include:
The Fourth Amendment
Privacy Torts
Fair Information Practices
Federal Privacy Statutes
State Regulation
European Privacy Law
